And I'm curious how would this impact on debt agencies, for example, if I add an account default years ago and now statute barred, could I then ask the company to forget me and apply again to their company with no ability for them to see my previous failed accounts?

It's all very intriguing to know if this is one thing that, for its infancy at least, can be used against our OCs!

GDPR is a bag of worms and everyone is getting het up about it. Over egging it as well in my opinion, particularly about "consent". If you look at the actual guidance then what's needed is a "Lawful basis" for handling and retaining the data. This doesn't always need consent.

So a challenge to debt collectors needs to be targeted, not just on the issue of consent but challenging whether they have any rights under the other grounds.

I kind of agree with you pieintheskywhenIdie, at first this seemed like a big thing but the more I have looked into it and asked around, it doesn't seem to be as world ending as was being first made out.

For example, my local bank stated that consent 'has to be given' not opted out of. I have also noticed that I have received a number of emails from companies and services I have used recently as well as companies I have used years ago (approx 5 +) requesting me to click on an opt in link to continue to receive their mails.

This isn't the de-facto run down of the whole of what the new GDPR is about as there have been a number of changes recently such as open banking, so for anyone reading this who still has concerns then please continue your own research on the subject.

P.S forgot to add, good post dianne1985, it will be good if this can be used in some way to throw off third party interlopers.